Protecting Core ML Models – Heartbeat

This option consists of two phases. First, we encrypt our .mlmodel file on a laptop and add the encrypted version as a resource to our project. Then, at runtime, we decrypt this file and create our model using the MLModel API.

All we need to do to encrypt our .mlmodel is create a command line tool named mlmodelencoder, which takes two arguments:

The logic is rather straightforward. The whole encryption process takes place in MLCryptor.

This is an enum that encapsulates two implementations. If your app supports devices with iOS >= 13, you can use Apple's CryptoKit. In other cases, we'll use RNCryptor (under the hood, it uses Apple's CommonCrypto).

MLCryptor.swift

Note: out of the box, you cannot create a SymmetricKey just by passing a string as an argument. So here is a small extension that lets you do it:

If the file is encrypted successfully, you will find a new encrypted version of your model, your.mlmodel.enc, in your current folder (the one where you called mlmodelencoder).

Excellent. We're halfway there. All we have to do now is decrypt the file at runtime on iOS. The function for this also looks quite simple:

Here, cryptor is also the MLCryptor instance (you should reuse it on both platforms). Then you can save the decrypted data and use the MLModel API to work with it.
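Both phases described above, as an added example that is not the article's MLCryptor code. It assumes the CryptoKit path with AES-GCM and a key taken as the SHA-256 digest of the passphrase string; the names ModelCryptor, init(passphrase:) and loadEncryptedModel are hypothetical.

```swift
import Foundation
import CryptoKit
import CoreML

// Hypothetical helper, not the article's MLCryptor. Needs iOS 13+ / macOS 10.15+.
extension SymmetricKey {
    // Assumption: the 256-bit key is the SHA-256 digest of the passphrase.
    init(passphrase: String) {
        self.init(data: Data(SHA256.hash(data: Data(passphrase.utf8))))
    }
}

enum ModelCryptorError: Error { case sealFailed }

struct ModelCryptor {
    let key: SymmetricKey

    // Laptop side: returns nonce || ciphertext || tag, the bytes of your.mlmodel.enc.
    func encrypt(_ plaintext: Data) throws -> Data {
        guard let combined = try AES.GCM.seal(plaintext, using: key).combined else {
            throw ModelCryptorError.sealFailed
        }
        return combined
    }

    // App side: throws if the key is wrong or the file was modified (GCM tag check).
    func decrypt(_ blob: Data) throws -> Data {
        try AES.GCM.open(AES.GCM.SealedBox(combined: blob), using: key)
    }
}

// Decrypts the bundled resource, compiles it, and deletes the plaintext .mlmodel.
// The compiled .mlmodelc directory at compiledURL is also unencrypted on disk.
func loadEncryptedModel(at encryptedURL: URL, cryptor: ModelCryptor) throws -> MLModel {
    let plain = try cryptor.decrypt(Data(contentsOf: encryptedURL))
    let tmp = FileManager.default.temporaryDirectory
        .appendingPathComponent(UUID().uuidString + ".mlmodel")
    try plain.write(to: tmp, options: .atomic)
    defer { try? FileManager.default.removeItem(at: tmp) }
    let compiledURL = try MLModel.compileModel(at: tmp)
    return try MLModel(contentsOf: compiledURL)
}
```

Because the passphrase ships inside the app binary, this raises the effort needed to copy the model rather than making extraction impossible.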

As I wrote above, the described techniques suit different conditions. Choose the one that best fits your goals. Or you can combine them if you'd like, for additional layers of obfuscation.

If you know of other solutions, please contact me here: @eigeorguy. And I hope that in the near future, Apple gives us a native way to keep our models private.